<?php 
session_start();

include "connector.php";

$error = array();
$username = $_POST['username'];
$email = $_POST['email'];
$password1 = $_POST['pwd1'];
$password2 = $_POST['pwd2'];

$arraybool = array();
 
if ($_POST){
    if (validateAll() == true){
        $sql = "INSERT INTO user (username, password, email)
        VALUES
        ('$username', '$password1', '$email')";
    
        $con = mysql_connect("localhost", "root", "");
        if (!$con) {
            die('Could not connect: ' . mysql_error());
        }

        mysql_select_db("bropsdox", $con);
    
        if (!mysql_query($sql, $con)) {
            $msg = "Error-adding-new-profile";
        } else {
            $msg = "Adding-new-profile-was-successful";
        }
        //go to dashboard
        include "connector.php";

        // username and password sent from form 
        $myusername=$_POST['username']; 
        $mypassword=$_POST['pwd1'];

        // To protect MySQL injection (more detail about MySQL injection)
        $myusername = stripslashes($myusername);
        $mypassword = stripslashes($mypassword);
        $myusername = mysql_real_escape_string($myusername);
        $mypassword = mysql_real_escape_string($mypassword);

        $sql="SELECT * FROM user WHERE username='$myusername' and password='$mypassword'";
        $result=mysql_query($sql);

        // Mysql_num_row is counting table row
        $count=mysql_num_rows($result);
        // If result matched $myusername and $mypassword, table row must be 1 row

        if($count==1){
        // Register $myusername, $mypassword and redirect to file "login_success.php"
            session_register("myusername");
            session_register("mypassword"); 
            $dirPath = "path/".$myusername;
            $result = mkdir($dirPath, 0755);
            if ($result == 1) {
                echo $dirPath . " has been created";
            } else {
                echo $dirPath . " has NOT been created";
            }
            header("location:dashboard.php");
        }
    } else {
        $_SESSION['error'] = $error;  
        $_SESSION['post'] = $_POST;  
        header('Location: /bropsdox/register.php');
    }
}

//username
function validateUsername($username){
    global $arraybool;
    global $error;
    $sql = mysql_query("SELECT * FROM user WHERE username = '". $username."'");
    $row = mysql_fetch_array($sql);
    
    if(strlen($username)<5) {
        $error['username'] = 'username must contain at least 5 characters';
        //echo '</br> error username';
        $arraybool[0] = false;
        return false;
    } else {
        if ($row!=null){
            $error['username'] = 'username '.$username. ' sudah ada';
            $arraybool[0] = false;
            return false;
        } else {
            //echo '</br> username bener';
            $arraybool[0] = true;
            return true;
        }
    }
}

//email
function validateEmail($email){
    global $arraybool;
    global $error;
    $emailPattern = '/^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$/';
    $sql = mysql_query("SELECT * FROM user WHERE email = '". $email."'");
    $row = mysql_fetch_array($sql);
    if (!preg_match($emailPattern, $email)){
        $error['email'] = 'Email is invalid';
        echo '</br> email salah';
        $arraybool[1] = false;
        return false;
    } else {
        if ($row!=null){
            $error['email'] = 'email ' .$email. ' sudah ada';
            $arraybool[1] = false;
            return false;
        } else {
            $arraybool[1] = true;
            return true;
        }
    }
}

//password
function validatePassword($password1, $password2, $username, $email){
    global $arraybool;
    global $error;
    $pos = strpos($email, "@");
    $emailname = substr($email, 0, $pos-1);
    if(strlen($password1)<8){
        $error['pwd'] = 'Password must contain at least 8 characters';
        //echo '</br> password < 8';
        $arraybool[2] = false;
        return false;
    } else if (strcmp($password1,$password2)==0){
        if ((strcmp($password1, $username)==0) || (strcmp($password1, $emailname)==0)){
            $error['pwd'] = 'password must not be same as username or email';
            //echo '</br> kaga boleh sama passwordnya';
            $arraybool[2] = false;
            return false;
        } else {
            //echo '</br> password bener';
            $arraybool[2] = true;
            return true;
        }
    } else {
        $error['pwd'] = 'Please confirm your password again';
    }
}



function validateAll(){
    global $arraybool;
    //inisialize arraybool
    $arraybool[0] = false;$arraybool[1] = false;$arraybool[2] = false;
    $username = $_POST['username'];
    $email = $_POST['email'];
    $password1 = $_POST['pwd1'];
    $password2 = $_POST['pwd2'];
    validateUsername($username);
    validateEmail($email);
    validatePassword($password1, $password2, $username, $email);
    
    $obj = new ArrayObject( $arraybool );
    $it = $obj->getIterator();
    
    $bool = true;
    foreach ($it as $key=>$val){
        echo $key.":".$val."\n";
        if ($val == 1){
            $bool = true;
        } else {
            return false;
        }
    }
    //echo $bool;
    return $bool;
}

?>